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DETAILED ACTION 

This office action is in response to the Amendment filed on September 13, 2007. Claims 
28-54 are pending in the current application. All previously outstanding objections and 
rejections to the Applicant's disclosure and claims not contained in this Action have 
been respectfully withdrawn by the Examiner hereto. 

Response to Amendment 

1 . Amendment to the specification overcomes the previous objection to the 
specification. 

Response to Arguments 

2. Applicant's arguments with respect to claims 28, 40, and 52 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Objections 

3. Claims 1 , 32, 39-40, 44, and 52 are objected to because of the following 
informalities: the recitation of "the set of user processes" should be "the set of one or 
more user processes", for example claim 1, line 14; 

4. claim 39, the recitation of "initializer" should be "initialization", for example line 3. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

6. Claims 40-54 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 
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With respect to claims 40-51, the "machine-readable storage medium," in 
accordance with Applicant's specification, may be acoustic or light waves, such as those 
generated during radio-wave and infra-red data communications or carrier wave 
(paragraphs [0092]-[0093]). This subject matter is not limited to that which falls within a 
statutory category of invention because it is not limited to a process, machine, 
manufacture, or a composition of matter. Instead, it includes a form of energy. Energy 
does not fall within a statutory category since it is clearly not a series of steps or acts to 
constitute a process, not a mechanical device or combination of mechanical devices to 
constitute a machine, not a tangible physical article or object which is some form of 
matter to be a product and constitute a manufacture, and not a composition of two or 
more substances to constitute a composition of matter. 

With respect to claims 52-54, an "apparatus" is being recited; however, it appears 
that an apparatus would reasonably be interpreted by one of ordinary skill in the art as 
software, per se. An apparatus as claimed does not set forth a means to realize the 
software, per se such as being stored in a memory or computer storage media. As 
such, it is believed that an apparatus of claims 52-54 is reasonably interpreted as 
functional descriptive material, per se. 

Claim Rejections - 35 USC §112 
7. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 
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8. Claims 28-54 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was filed, 
had possession of the claimed invention. 

Claims 28, 40, and 52 the recitation of "wherein each user process in the first set 
of user processes has the first zone identifier associated therewith" and "wherein each 
user process in the second set of user processes has the second zone identifier 
associated therewith is not disclosed in the specification. Thorough review of the 
specification by the Examiner did not result in finding of the subject matter properly 
disclosed in the specification. 

Claims 30, 42, and 53 the recitation of "receiving a command to terminate the 
first application environment; and in response to the command to terminate the first 
application environment," is not disclosed in the specification. Thorough review of the 
specification by the Examiner did not result in finding of the subject matter properly 
disclosed in the specification. 

Claims 31, 43, and 54 the recitation of "receiving a command to re-establish the 
first application environment; and in response to the command to re-establish the first 
application environment," is not disclosed in the specification. Thorough review of the 
specification by the Examiner did not result in finding of the subject matter properly 
disclosed in the specification. 
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Claims 34 and 46 the recitation of "terminating all user processes executing 
within the first non-global zone, thereby terminating the first application environment" is 
not disclosed in the specification. Thorough review of the specification by the Examiner 
did not result in finding of the subject matter properly disclosed in the specification. 

Claims 35 and 47 the recitation of "terminating all user processes executing 
within the first non-global zone, thereby terminating the first application environment; 
and 

performing one or more tasks from the group consisting of stopping a scheduler 
process," is not disclosed in the specification. Thorough review of the specification by 
the Examiner did not result in finding of the subject matter properly disclosed in the 
specification. 

Claims 36 and 48 the recitation of "a first administrator" and "a second 
administrator" is not disclosed in the specification. Thorough review of the specification 
by the Examiner did not result in finding of the subject matter properly disclosed in the 
specification. 

Claims 38 and 50 the recitation of "wherein the configuration information 
comprises one or more parameters from the group consisting of a zone name, a path to 
a root directory for the first non-global zone, specification of one or more file systems to 
be mounted when the first non-global zone is readied, specification of one or more 
network interfaces, specification of one or more devices to be configured when the first 
non global zone is readied" is not disclosed in the specification. Thorough review of 
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the specification by the Examiner did not result in finding of the subject matter properly 
disclosed in the specification. 

Claims 29, 32-33, 37, 39, 41, 44-45, 49, and 51 are rejected since they are 
dependent on independent claims 28, 40, and 52. 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 28-54 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
United States Patent Application Publication 2002/0174215 A1 to Schaefer.in view of 
International Application Publication WO 00/45262 to Susser et al. (hereinafter Susser). 

11. As to claim 28, Schaefer teaches the invention substantially as claimed including 
a machine-implemented method, comprising: 

establishing, within a global operating system environment provided by a kernel 
instance (Operating System 10, Fig. 1, paragraph [0013]), a first non-global zone which 
serves as a first virtual platform for supporting and isolating user processes (application 
52, Fig. 2) (paragraphs [0018]-[0019]), 

establishing, within said global operating system environment, a second non- 
global zone which serves as a second virtual platform for supporting and isolating user 
processes (application 54, Fig. 2) (paragraphs [0018]-[0019]); and 
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isolating the first set of one or more user processes (application 52, Fig. 2) within 
the first non-global zone and the second set of one or more user processes within the 
second non-global zone (application 54, Fig. 2) (paragraph [0012]). 

Schaefer does not explicitly disclose wherein the first non-global zone has a first 
zone identifier associated therewith, and wherein the first non-global zone is established 
and exists without requiring any user processes to be running therein; 

wherein the second non global zone has a second zone identifier associated 
therewith, and wherein the second non-global zone is established and exists without 
requiring any user processes to be running therein; 

executing a first set of one or more user processes within the first non global 
zone, wherein each user process in the first set of user processes has the first zone 
identifier associated therewith; 

executing a second set of one or more user processes within the second non- 
global zone, wherein each user process in the second set of user processes has the 
second zone identifier associated therewith; and 

the first set of one or more user processes cannot access processes in the 
second non-global zone and the second set of one or more user processes cannot 
access processes in the first non-global zone. 

However Susser teaches wherein the first non-global zone has a first zone 
identifier associated therewith (e.g. Unique Name, page 11, line 25), and wherein the 
first non-global zone is established and exists without requiring any user processes to 
be running therein (Context 1, 770, Fig. 7, page 11, lines 29-31); 
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wherein the second non global zone has a second zone identifier associated 
therewith (e.g. Unique Name, page 11, line 25), and wherein the second non-global 
zone is established and exists without requiring any user processes to be running 
therein (Context 2, 780, Fig. 7, page 11, lines 29-31); 

executing a first set of one or more user processes within the first non global 
zone (Object 440, Fig. 9), wherein each user process in the first set of user processes 
has the first zone identifier associated therewith (page 11, lines 25-27); 

executing a second set of one or more user processes within the second non- 
global zone (Object 640, 910, Fig. 9), wherein each user process in the second set of 
user processes has the second zone identifier associated therewith (page 1 1 , lines 25- 
27); and 

the first set of one or more user processes (Object 640, Fig. 6) cannot access 
processes in the second non-global zone (Object 636, Fig. 6) and the second set of one 
or more user processes cannot access processes in the first non-global zone (page 10, 
lines 26-31 and page 11, lines 1-2 and 13-14, e.g. Firewall, Context 1, 770, Context 2, 
780, Fig. 7). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to have modified the OSGuard of Schaefer with the teachings of a 
Firewall from Susser because this feature would have provided a mechanism in which 
each context is separated from the other by a context barrier between the execution 
contexts (page 1 1 , lines 1 3-1 5 of Susser). 
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12. As to claim 29, Schaefer teaches the method of claim 28, wherein the kernel 
instance provides services (paragraph [0004]) that are invoked by the first set of user 
processes (paragraph [0012]), and wherein the services are invoked by the first set of 
user processes through the first virtual platform (paragraphs [0012] and [0019]). 

1 3. As to claim 30, Schaefer teaches the method of claim 28, wherein executing the 
first set of user processes within the first non-global zone causes a first application 
environment to be established within the first non-global zone (application 52, Fig! 2, 
paragraph [0019] and [0023]), and where the method further comprises: 

receiving a command to terminate the first application environment (e.g. unload 
virtual environment, paragraph [0024]); and 

in response to the command to terminate the first application environment 
(paragraph [0024]), terminating (e.g. unload) all user processes executing within the first 
non-global zone without halting the first non-global zone (e.g. release application by 
Process Manager 120, Fig. 4), so that the first non-global zone exists even after the first 
application environment is terminated (paragraph [0023]). 

14. As to claim 31 , Schaefer teaches the method of claim 30, further comprising: 
receiving a command to re-establish the first application environment (e.g. 

process needs to be loaded, paragraph [0023]); and 

in response to the command to re-establish the first application environment 
(paragraph [0023]), executing (e.g. load) the first set of user processes again within the 
first non-global zone (Process Environment Manager 114, Fig. 4), thereby re- 
establishing the first application environment within the first non-global zone (Process 
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Manager 120, Fig. 4, paragraph [0023]), wherein the first application environment is re- 
established within the first non-global zone without having to re-establish the first non- 
global zone (paragraph [0023]). 

1 5. As to claim 32, Schaefer teaches the method of claim 28, wherein a first set of 
resources are associated with the first non-global zone and a second set of resources 
are associated with the second non-global zone (paragraphs [0019] and [0022]); 

wherein the first set of resources are accessed by the first set of user processes 
through the first virtual platform and the second set of resources are accessed by the 
second set of user processes through the second virtual platform (paragraphs [0014], 
[0019] and [0022]); and 

wherein the first set of resources and the second set of resources each include 
one or more resources from the group consisting of a network interface, a 
communications interface, a file system, a system console, a DASD address, and an 
operating system service process (paragraph [0022]). 

16. As to claim 33, Schaefer as modified teaches the method of claim 32, wherein 
isolating the first set of user processes within the first non-global zone and the second 
set of user processes within the second non- global zone further comprises: 

preventing the first set of user processes (Object 640, Fig. 6 of Susser) from 
accessing the second set of resources associated with the second non global zone 
(Object 636, Fig. 6, page 10, lines 26-31 and page 11, lines 1-2 and 13-14, e.g. 
Firewall, Context 1 , 770, Context 2, 780, Fig. 7 of Susser); and 
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preventing the second set of user processes from accessing the first set of 
resources associated with the first non-global zone (page 10, lines 26-31 and page 11, 
lines 1-2 and 13-14, e.g. Firewall, Context 1, 770, Context 2, 780, Fig. 7 of Susser). 

17. As to claim 34, Schaefer teaches the method of claim 32, wherein executing the 
first set of user processes within the first non-global zone causes a first application 
environment to be established within the first non-global zone (application 52, Fig. 2, 
paragraph [0019] and [0023]), and wherein the method further comprises: 

receiving a command to halt the first non-global zone (paragraph [0024]); 

in response to the command to halt the first non-global zone (paragraph [0019]): 

terminating all user processes executing within the first non-global zone 
(unloading virtual environment, paragraph [0024]), thereby terminating the first 
application environment (paragraph [0023]); and 

disassociating the first set of resources from the first non-global zone (paragraph 
[0024]); 

wherein the second non-global zone is not affected by the command to halt the 
first non-global zone (paragraph [0019]). 

18. As to claim 35, Schaefer teaches the method of claim 32, wherein executing the 
first set of user processes within the first non-global zone causes a first application 
environment to be established within the first non-global zone (application 52, Fig. 2, 
paragraph [0019] and [0023]), and wherein the method further comprises: 

receiving a command to halt the first non-global zone (paragraph [0024]); 

in response to the command to halt the first non-global zone (paragraph [0019]): 
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terminating all user processes executing within the first non-global zone 
(unloading virtual environment, paragraph [0024]), thereby terminating the first 
application environment (paragraph [0023]); and 

performing one or more tasks from the group consisting of stopping a scheduler 
process, unmounting one or more file systems, closing one or more network interfaces, 
and removing configurations for devices associated with the first non-global zone (e.g. 
unloading virtual environment, paragraphs [0022] and [0024]); 

wherein the second non-global zone is not affected by the command to halt the 
first non-global zone (paragraph [0019]). 

19. As to claim 36, Schaefer teaches the method of claim 28, further comprising: 
allowing a first administrator to manage processes and resources within the first 

non- global zone (paragraph [0062]), wherein the first administrator is not allowed to 
manage processes and resources within the second non-global zone (paragraphs 
[0033] and [0062]); and 

allowing a second administrator to manage processes and resources within the 
second non-global zone (paragraph [0062]), wherein the second administrator is not 
allowed to manage processes and resources within the first non-global zone 
(paragraphs [0033] and [0062]). 

20. As to claim 37, Schaefer as modified teaches the method of claim 28, wherein 
establishing the first non-global zone comprises: 

accessing configuration information associated with the first non-global zone 
(paragraphs [0024] and [0062] of Schaefer); 
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installing files and directories necessary for the first non-global zone to function 
(paragraph [0024] of Schaefer); and 

readying the first non-global zone by performing one or more tasks from the 
group consisting of assigning the first zone identifier (e.g. Unique Name, page 1 1 , line 
25 of Susser), starting a scheduler process, establishing one or more network 
interfaces, mounting one or more file systems, initializing a system console, and 
configuring one or more devices (e.g. loading, paragraphs [0022] and [0024] of 
Schaefer); 

wherein readying the first non-global zone does not include executing user 
processes within the first non global zone (page 1 1 , lines 29-31 of Susser). 

21 . As to claim 38, Schaefer as modified teaches the method of claim 37, wherein 
the configuration information comprises one or more parameters from the group 
consisting of a zone name (e.g. Unique Name, page 11 , line 25 of Susser), a path to a 
root directory for the first non-global zone, specification of one or more file systems to 
be mounted when the first non-global zone is readied, specification of one or more 
network interfaces, specification of one or more devices to be configured when the first 
non global zone is readied, and specification of resource controls to be imposed on the 
first non-global zone (paragraph [0026] and [0040] of Schaefer). 

22. As to claim 39, Schaefer teaches the method of claim 28, wherein executing the 
first set of user processes within the first non-global zone comprises: 

executing an initialization process (Process Manager 120, Fig. 4, paragraph 
[0020]); and 
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initializing, by the initialization process, execution of the first set of user 
processes (paragraphs [0022]-[0023]). 

23. As to claims 40-51 , these claims are rejected for the same reasons as claims 28- 
39 respectively, since claims 40-51 recite the same or equivalent invention, see the 
rejections to claims 28-39 above. 

24. As to claim 52, this claim is rejected for the same reasons as claim 1 since claim 
52 recites the same or equivalent invention, see the rejection to claim 1 above. 

25. As to claim 53-54, this claim is rejected for the same reasons as claim 30-31 
since claim 53-54 recites the same or equivalent invention, see the rejection to claim 
30-31 above. 

Conclusion 

26. The prior art made of record on the accompanying PTO-892 and not relied upon, 
is considered pertinent to applicant's disclosure. 

27. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 

than SIX MONTHS from the mailing date of this final action. 

28. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KimbleAnn Verdi whose telephone number is (571) 270- 
1654. The examiner can normally be reached on Monday-Friday 7:30am-5:00pm EST.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Thomson can be reached on (571 ) 272-3718. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



November 26, 2007 
KV 



WILLIAM THOMSON 
SUPERVISORY PATENT EXAMINER 




